Single sign-on (SSO) technology is a session/user authentication process that permits an on-line user to enter identity information, for example, a user name and a password, in response to prompts in order to access multiple applications, e.g. email, banking services, shopping services, etc., at various web sites or internet domains hosted by a service provider, on a single mobile device. The SSO process authenticates the user for all the applications that he or she has been given rights to, and eliminates further prompts when the user switches applications during a particular on-line session. Security Assertion Markup Language (SAML) and Web Authorization Protocol (OAuth) are examples of open standards for exchanging authentication and authorization data between such multiple applications on a single mobile device.
As advantageous as the known SSO processes have been, they do not support SSO when a user of one mobile device changes or switches to another mobile device. By way of example, a user may be checking his or her email on a personal digital assistant or a smartphone, and then, for whatever reason, may subsequently wish to check his or her email, or even run a different application, on his or her laptop computer or a desktop computer. Thereafter, the user may wish to check his or her email, or even run a different application, on his or her tablet. The user may, in case of emergency, subsequently wish to run an application, on his or her land mobile radio (LMR). At present, whenever the user changes mobile devices, he or she must enter re-enter the identity information, for example, the user name and password, in response to prompts made by each new mobile device. At present, there is no SSO process that supports the user among a plurality of mobile devices.
Accordingly, there is a need to enable SSO across a plurality of mobile devices to reduce the amount of time and the annoyance of having to log in and enter the identity information each and every time that the user changes devices, to reduce administrative overhead in resetting forgotten identity information, and to enable the user to select stronger passwords since only one password, rather than multiple passwords, needs to be remembered.
Skilled artisans will appreciate that elements in the figures are illustrated for simplicity and clarity and have not necessarily been drawn to scale. For example, the dimensions and locations of some of the elements in the figures may be exaggerated relative to other elements to help to improve understanding of embodiments of the present invention.
The apparatus and method components have been represented where appropriate by conventional symbols in the drawings, showing only those specific details that are pertinent to understanding the embodiments of the present invention so as not to obscure the disclosure with details that will be readily apparent to those of ordinary skill in the art having the benefit of the description herein.